Christian Boltz
d60276e864
functions.inc.php:
...
- PHP around 5.3.8 includes hex2bin as native function - http://php.net/hex2bin
therefore we have to wrap our function (which fortunately gives the same
results) with function_exists().
Reported by MadOtis on #postfixadmin
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1329 a1433add-5e2c-0410-b055-b7f2511e0802
2012-01-11 18:45:10 +00:00
Christian Boltz
71f7b03801
update CHANGELOG.TXT with latest commits/fixes
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1325 a1433add-5e2c-0410-b055-b7f2511e0802
2012-01-10 20:30:15 +00:00
Christian Boltz
638f2755eb
edit-vacation.php, templates/edit-vacation.php:
...
- only urlencode() $fDomain, not the whole fCanceltarget (otherwise
the ? is also encoded, which results in a 404 error)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1324 a1433add-5e2c-0410-b055-b7f2511e0802
2012-01-10 20:01:23 +00:00
Christian Boltz
8f5047cb20
templates/admin_create-domain.php:
...
- fix XSS in domain and description field
(Thanks to Filippo Cavallarin!)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1323 a1433add-5e2c-0410-b055-b7f2511e0802
2012-01-10 19:39:29 +00:00
David Goodwin
5c4d9e48bd
escape provided url better (fix XSS vuln) - thanks to Flippo Cavallarin for reporting this
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1322 a1433add-5e2c-0410-b055-b7f2511e0802
2012-01-10 16:09:38 +00:00
David Goodwin
9fb0f040c9
fix xss from poor sanitisation/checking of $_GET[domain], thanks to Flippo Cavallarin for reporting this
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1321 a1433add-5e2c-0410-b055-b7f2511e0802
2012-01-10 16:08:48 +00:00
David Goodwin
9dd00fb0a7
fix sql injection hole where value fields were not being escaped in the stored file - (thanks to Filippo Cavallarin)
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1320 a1433add-5e2c-0410-b055-b7f2511e0802
2012-01-10 15:46:25 +00:00
David Goodwin
d8895ccdc2
fix sql injection hole in pacrypt if $CONF[encrypt] == mysql_encrypt (thanks to Filippo Cavallarin)
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1319 a1433add-5e2c-0410-b055-b7f2511e0802
2012-01-10 15:38:35 +00:00
Christian Boltz
ef0c84283f
list-virtual.php:
...
- delivery to mailbox with a recipient delimiter (mailbox+foo@domain)
was marked as "forward only"
This fixes
https://sourceforge.net/tracker/?func=detail&aid=3420440&group_id=191583&atid=937964
reported by <stderr1> on #postfixadmin
(backport of trunk r1198)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1199 a1433add-5e2c-0410-b055-b7f2511e0802
2011-10-07 22:58:38 +00:00
Christian Boltz
22fb5c5cb2
de.lang:
...
- fix typo
(backport of trunk r1182)
(not worth a changelog entry)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1187 a1433add-5e2c-0410-b055-b7f2511e0802
2011-09-23 16:08:32 +00:00
Christian Boltz
dba89ba42e
functions.inc.php / create_admin():
...
- fix SQL injection (only exploitable by superadmins)
Reported by Matthias Bethke (msbethke@SF),
https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3412484&group_id=191583
(+ changelog update for this and the previous commit)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1185 a1433add-5e2c-0410-b055-b7f2511e0802
2011-09-22 22:29:24 +00:00
Christian Boltz
d196f38dde
*.lang:
...
- add missing pAdminDelete_admin_error text
(already existed in trunk, but was missing in 2.3.x)
Reported by Matthias Bethke (msbethke@SF)
https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3412476&group_id=191583
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1184 a1433add-5e2c-0410-b055-b7f2511e0802
2011-09-22 22:01:52 +00:00
Christian Boltz
8d16ebdab3
update version numbers etc. for the 2.3.4 release
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1180 a1433add-5e2c-0410-b055-b7f2511e0802
2011-09-16 18:41:00 +00:00
David Goodwin
591680764a
update debian/changelog in preparation of new release
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1179 a1433add-5e2c-0410-b055-b7f2511e0802
2011-09-16 18:35:00 +00:00
Christian Boltz
1e766a2b39
CHANGELOG.TXT:
...
- whitespace fix - tabs vs. spaces
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1178 a1433add-5e2c-0410-b055-b7f2511e0802
2011-09-16 18:12:37 +00:00
Christian Boltz
1c76c35e6c
import_users_from_csv.py:
...
- update FSF address (the openSUSE build check complained ;-)
(Backport of trunk r1158)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1165 a1433add-5e2c-0410-b055-b7f2511e0802
2011-08-05 22:50:09 +00:00
Christian Boltz
19c65d5441
ADDITIONS/delete-mailq-by-domain.pl,
...
ADDITIONS/squirrelmail-plugin/**/postfixadmin.po:
- whitespace fix: replace DOS line ends with Linux line ends
(no other changes)
This commit backports trunk r1160 to the 2.3 branch.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1161 a1433add-5e2c-0410-b055-b7f2511e0802
2011-08-03 23:01:13 +00:00
Christian Boltz
ac3eadc17c
functions.inc.php - pacrypt():
...
- if dovecotpw does not give the expected output, read stderr and write
it to error_log()
- backported from SVN trunk r1071
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1159 a1433add-5e2c-0410-b055-b7f2511e0802
2011-08-02 19:59:57 +00:00
Christian Boltz
3be1184a9b
vacation.pl:
...
- (really) log to "mail" syslog facility
reported by Johan Meiring (jmeiring) in
http://sourceforge.net/tracker/index.php?func=detail&aid=3086890&group_id=191583&atid=937964
This is a backport of r1073 to the SVN branch.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1074 a1433add-5e2c-0410-b055-b7f2511e0802
2011-06-23 20:53:07 +00:00
Christian Boltz
5153b1e5b4
Text change: Logged _in_ as ... (the 'in') was missing.
...
This is a backport of r1062 from trunk. (Only the real change,
not all the translator comments.)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1063 a1433add-5e2c-0410-b055-b7f2511e0802
2011-05-25 22:07:40 +00:00
Christian Boltz
3804413c82
create-domain.php:
...
- force domain name to lowercase to avoid problems with PgSQL foreign keys
Reported by Munroe Sollog (roe1234@SF),
https://sourceforge.net/tracker/?func=detail&aid=3287965&group_id=191583&atid=937964
after some bughunting on #postfixadmin
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1037 a1433add-5e2c-0410-b055-b7f2511e0802
2011-04-15 23:26:58 +00:00
Christian Boltz
86aabcfa06
list-domain.php:
...
- add explicit field list in SELECT to avoid PgSQL problems with custom columns
Reported by ksb (ksb4ever@SF),
https://sourceforge.net/tracker/?func=detail&aid=2859165&group_id=191583&atid=937964
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1029 a1433add-5e2c-0410-b055-b7f2511e0802
2011-04-10 14:46:43 +00:00
Christian Boltz
eb8fafbc89
functions.inc.php:
...
- generate_password(): generate more secure random password
Based on a patch from Pierre Fagrell (mrfrenzy@SF),
https://sourceforge.net/tracker/?func=detail&aid=2958698&group_id=191583&atid=937964
(with some modifications)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1027 a1433add-5e2c-0410-b055-b7f2511e0802
2011-04-10 14:27:48 +00:00
Christian Boltz
04e743f262
fix typo in variable name
...
Reported by Gabriele Vivinetto (gabrielev@SF),
https://sourceforge.net/tracker/?func=detail&aid=3266862&group_id=191583&atid=937964
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1025 a1433add-5e2c-0410-b055-b7f2511e0802
2011-04-10 13:13:12 +00:00
Christian Boltz
c106ecab76
de.lang:
...
- remove half/invalid utf-8 char in $PALANG['pCreate_dbLog_createalias']
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1014 a1433add-5e2c-0410-b055-b7f2511e0802
2011-03-16 23:05:13 +00:00
David Goodwin
bf7d3bc783
bump revision number + date to keep cboltz happy ;-)
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1010 a1433add-5e2c-0410-b055-b7f2511e0802
2011-03-14 22:53:51 +00:00
David Goodwin
bd67419e00
debian: update patch files for 2.3.3
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1009 a1433add-5e2c-0410-b055-b7f2511e0802
2011-03-14 22:52:49 +00:00
David Goodwin
fc50224284
bump version number due to r1006
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1007 a1433add-5e2c-0410-b055-b7f2511e0802
2011-03-14 22:22:08 +00:00
David Goodwin
34bb12a5cc
update debian/changelog for 2.3.3 release
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1006 a1433add-5e2c-0410-b055-b7f2511e0802
2011-03-14 22:20:57 +00:00
Christian Boltz
fa14577c2a
r999 is the 2.3.3 release :-)
...
update CHANGELOG and functions.inc.php
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@999 a1433add-5e2c-0410-b055-b7f2511e0802
2011-03-13 20:36:24 +00:00
Christian Boltz
4b7e59b662
edit-vacation:
...
- db_log vacation changes
Known bug: enabling vacation causes two log entries if the user used
vacation before. Better than not logging vacation changes at all.
trunk already has a different fix - it uses VacationHandler which does
indirect logging via AliasHandler.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@987 a1433add-5e2c-0410-b055-b7f2511e0802
2011-03-06 21:30:55 +00:00
Christian Boltz
386ca66f88
functions.inc.php:
...
- db_delete(): revert table_by_key() call - otherwise I would have to merge the
changes from r977 to delete.php which is the only file calling db_delete in
2.3.x and expects that db_delete does not run table_by_key().
That's a risk we can avoid because (interesting math follows...)
buggy db_delete() + buggy delete.php = working code :-)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@980 a1433add-5e2c-0410-b055-b7f2511e0802
2011-03-03 20:57:08 +00:00
Christian Boltz
c2071fc7a0
Merging in various fixes from trunk.
...
upgrade.php:
- change domain.quota, domain.maxquota and mailbox.quota to bigint in PostgreSQL
setup.php:
- strict boolean check for $CONF['configured'] - similar to the check in login.php
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@969 a1433add-5e2c-0410-b055-b7f2511e0802
2011-02-19 20:10:22 +00:00
Christian Boltz
2d48df75c1
Merging in various fixes from trunk.
...
INSTALL.TXT
- add a warning about external HOWTOs
- mention config.local.php
- various small changes
DOCUMENTS/UPGRADE.txt:
- add note about upgrading postfix config for alias domains
- various small additions
functions.inc.php:
- fix db_delete to use table_by_key (didn't work with non-default table
names before)
- use db_insert for logging
languages/sk.lang:
- big translation update by Ondrej Zary (rnbw @sf)
CHANGELOG.TXT:
- updated with the most important changes from above
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@943 a1433add-5e2c-0410-b055-b7f2511e0802
2011-02-01 22:50:50 +00:00
Christian Boltz
1d3aa6c328
config.inc.php:
...
- better documentation for $CONF[alias_control], $CONF[alias_control_admin]
and $CONF[special_alias_control] because the existing comments were
confusing (as pointed out by libertytrek in #postfixadmin)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@935 a1433add-5e2c-0410-b055-b7f2511e0802
2011-01-02 21:33:13 +00:00
Christian Boltz
2c9f015714
CHANGELOG.TXT:
...
- added changes of the previous commits
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@904 a1433add-5e2c-0410-b055-b7f2511e0802
2010-12-25 15:01:33 +00:00
Christian Boltz
81ddc9416c
functions.inc.php:
...
- check_domain(): don't trim() the domain - whitespace is an error.
This catches "foo@ domain.com" that wasn't catched before.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@903 a1433add-5e2c-0410-b055-b7f2511e0802
2010-12-25 14:58:28 +00:00
Christian Boltz
7fd366e46e
edit-alias:
...
some small fixes that came up while integrating the multiple alias
target patch from anexius (r898):
- replace spaces only at the start and end of a line, not in the
middle of an (BTW: invalid) mail address
- prevent input data loss on validation errors
- allow multiple error messages (separated by <br />
(I'll port that to trunk also.)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@899 a1433add-5e2c-0410-b055-b7f2511e0802
2010-12-25 14:16:11 +00:00
Christian Boltz
90766b88cf
create-alias: support multiple alias targets
...
- support multiple alias targets, patch by anexius@SF,
http://sourceforge.net/projects/postfixadmin/forums/forum/676076/topic/4004442
The patch fixes
https://sourceforge.net/tracker/?func=detail&aid=2706290&group_id=191583&atid=937964
additional small fixes:
- replace spaces only at the start and end of a line, not in the
middle of an (BTW: invalid) mail address
- allow multiple error messages (separated by <br />
- prevent input data loss on validation errors
(I'll port this to trunk.)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@898 a1433add-5e2c-0410-b055-b7f2511e0802
2010-12-25 14:11:16 +00:00
Christian Boltz
0c6f5c6d8c
upgrade.php:
...
- backport of r894 (replaced split() with explode(), added $Id)
- already covered in CHANGELOG.TXT
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@895 a1433add-5e2c-0410-b055-b7f2511e0802
2010-12-16 00:35:39 +00:00
Christian Boltz
303acce580
Backport of various fixes from trunk to the 2.3 branch
...
- list-virtual: fix displaying of 'modified' column for aliases when using
postgres
- replaced deprecated split() with preg_split() or explode()
- functions.inc.php: better error messages when database functions are missing
- create domain: fixed typo in variable name that broke the default value for
default aliases
- create domain: backup MX checkbox is now XHTML compliant
- vacation.pl logged literal $variable instead of the variable content at two
places
- POSTFIX_CONF.txt: fixed filename for quota map
- config.inc.php: removed double $CONF['database_prefix']
- config.inc.php: fixed comments about domain_post* script parameters
- CHANGELOG.TXT: add new section for 2.3.3, include all the above
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@893 a1433add-5e2c-0410-b055-b7f2511e0802
2010-12-15 23:41:40 +00:00
Christian Boltz
19dbcdeec7
merged most bugfix changes between 2.3 release and SVN r791 to
...
2.3 branch
- merged: SVN r745, r746, r747, r748, r749, r750, r752, r754, r756,
r767, r770, r771, r772, r773, r774, r777, r778, r779, r789, r790
- r763 partly merged (except smarty part)
- r787 - only part a) merged
- see CHANGELOG.txt changes ;-) or SVN log for details
ToDo: display alias targets for mailboxes (r751 and r787 part b)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@792 a1433add-5e2c-0410-b055-b7f2511e0802
2009-12-28 21:24:38 +00:00
Christian Boltz
8420ff730c
templates/main.php:
...
- fix php short open tags
https://sourceforge.net/tracker/?func=detail&atid=937964&aid=2908994&group_id=191583
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@786 a1433add-5e2c-0410-b055-b7f2511e0802
2009-12-06 01:02:42 +00:00
David Goodwin
1f57b94d7e
login.php: fix XSS hole as per bug 2905599
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@783 a1433add-5e2c-0410-b055-b7f2511e0802
2009-12-02 13:24:45 +00:00
David Goodwin
f7be4a7494
postfixadmin 2.3 branch
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@740 a1433add-5e2c-0410-b055-b7f2511e0802
2009-10-26 13:07:50 +00:00
Christian Boltz
7c890a49ea
postfixadmin 2.3 final(ly) :-)
...
- updating version number in various places
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@739 a1433add-5e2c-0410-b055-b7f2511e0802
2009-10-25 14:39:28 +00:00
David Goodwin
eb68607f56
create the plpgsql language if it is not already there; will error if already enabled, but we will just ignore this - this may cause issues if the db user does not have priviledges to create language ... if this is the case the next query will fail
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@738 a1433add-5e2c-0410-b055-b7f2511e0802
2009-10-24 19:44:32 +00:00
Christian Boltz
4782a885b4
CHANGELOG.TXT:
...
- updated with all changes since 2.3 rc7
- fixed SVN revision of 2.3 rc7
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@737 a1433add-5e2c-0410-b055-b7f2511e0802
2009-10-24 00:13:39 +00:00
Christian Boltz
4168dd5d7b
config.inc.php:
...
- add comment about courier_authlib SHA passwords
backup.php
- also backup quota and quota2 table
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@736 a1433add-5e2c-0410-b055-b7f2511e0802
2009-10-24 00:11:09 +00:00
David Goodwin
cd7172dcea
vacation.pl: see email conversation with stevan@bajic.ch and #2835877 ( https://sourceforge.net/tracker/?func=detail&aid=2835877&group_id=191583&atid=937964 ); thanks to stevan for taking the time to explain why he was right :) - this change makes the vacation script look for user#domain@vacation.domain in the alias table, rather than user@domain, which is a better check (as it implies they also have vacation turned on)
...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@734 a1433add-5e2c-0410-b055-b7f2511e0802
2009-10-21 08:00:07 +00:00